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DETAILED ACTION 

1 . This action is responding to application papers filed on 12-12-2003. 

2. Claims 1 - 28, 41 -43 are pending. Claims 41 - 43 are new. Claims 29 -40 
have been cancelled. Claims 1, 10, 19, 24, 41 are independent. 

Response to Arguments 

3. Applicant's arguments filed 1/22/2008 have been fully considered and were 
persuasive, therefore a new grounds of rejection has been entered. 

3.1 Applicant argues that the referenced prior art does not disclose, "authentication of 
an access point and verification of discovery information", (see Remarks Pages 10, 11) 

The Meier prior art discloses authentication of an access point and verification of 
discovery information. The Whelan prior art does not discredit or discourage the 
verification of access point information as such does not teach away (see Remarks 
Page 12, Lines 24-27) from the verification of access point information (MPEP 2145[R- 
3].X.D.1). The combination is entirely justified since an advantage (motivation) can be 
achieved from the prior art combination (Whelan and Meier). 

3.2 Applicant argues authentication using a list, (see Remarks Page 11, 12) 
After initial authentication, the list is utilized. But, the access point is still 

authenticated, (see Whelan paragraph [0052], lines 1-12: access point is still 
authenticated; even if access point is not on a list) 
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3.3 The examiner has considered the applicant's remarks concerning network devices 
accessing a communications network and engaging in secure associations with one or 
more network access points upon authenticating the access points and upon verifying 
the discovery information that is broadcast by the access point. Once a secure 
association is created, management frames transmitted between the network devices 
and the access points are used to control the secure association and are aiso verified to 
further enhance the security of the communications network. Applicant's arguments 
have thus been fully analyzed and considered but they are not persuasive. 

After an additional analysis of the applicant's invention, remarks, and a search of 
the available prior art, it was determined that the current set of prior art consisting of 
Whelan (20040198220) and Meier (6,950,628) discloses the applicant's invention. 

Claim Rejections - 35 (JSC § 101 

4. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful Improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

5. The claimed invention is directed to non-statutory subject matter. Claims 10-18, 

24 - 28 are directed toward a computer program product comprising one or more 

computer readable media. The specification discloses that computer readable media is 

any medium used to carry program code means in the form of computer executable 

instructions and data structures. 

Specification paragraph [0025] (from eDAN): "Byway of example, and not limitation, 
such computer-readable media can comprise physical storage media such as 
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RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk 
storage or other magnetic storage devices, or any other medium which can be 
used to carry or store desired program code means in the form of computer- 
executable instructions or data structures and which can be accessed by a general 
purpose or special purpose computer." 

The term "carry" denotes the capability for program instructions to be carried by a 

"carrier wave" or "radio wave" and therefore is based on non-statutory subject matter. 

Appropriate correction required. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art 
are such that the subject matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

7. Claims 1 - 28, 41 - 43 are rejected under 35 U.S.C. 1 03 (a) as being 
unpatentable over Whelan et al. (US PGPUB No. 20040198220) in view of Meier et al. 
(US Patent No. 6,950,628). 

With Regards to Claims 1,10, Whelan discloses in a station, computer program 
product that is capable of communicating with at least one access point in a 
communications network, a method for creating a secure association between the 
station and at least one access point, the method comprising: 

a) obtaining discovery information from one or more access points in the 

communications network, the discovery information reflecting capabilities of the 
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one or more respective access points to facilitate communication with the station; 
(see Whelan paragraph [0049], lines 1-10: detect (discover) information obtained 
from access points; col. 2, lines 30-32: software; computer readable 
implementation) 

b) selecting one of the access points to become associated with; (see Whelan 
paragraph [0049], lines 10-12: placed on associated list) 

c) authenticating the selected access point; (see Whelan paragraph [0054], lines 1- 
4; paragraph [0026], lines 1-4: authenticate access point (mobile device)) 

Whelan discloses the discovery of an access point, (see Whelan paragraph [0013], 
lines 3-7: request for verification; paragraph [0009], lines 1-3; paragraph [0054], lines 
1-4: authenticate access point; paragraph [0013], lines 7-10: receive response) 
Whelan does not specifically disclose a method to verify the information concerning 
an access point. 
However, Meier discloses: 

d) sending a discovery verification request to the selected access point for the 
discovery information of the selected access points to be verified; (see Meier col. 
3, lines 1-5; col. 3, lines 15-18: send message to access point including SSID 
(security object); verifying the access point); verification procedure for access 
point) 

e) receiving an acknowledgement receipt from the selected access point verifying 
the discovery information, (see Meier co!. 6, lines 30-39: allow connection if the 
access point does have a matching SSID; connection is allowed 
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(acknowledgement)) 
It would have been obvious to one of ordinary skill in the art to modify Wheian 
to use a discovery verification request as taught by Meier. One of ordinary skill in 
the art would have been motivated to employ the teachings of Meier in order to 
differentiate network access for different classes of users, especially wireless LAN 
users, (see Meier col. 1 , lines 19-24: " ... he present invention relates generaiiy to 
network access and more particularly to a method and system to differentiate 
network access for different classes of users. It is becoming increasingly important 
to differentiate network access for different classes of users, in particular different 
classes of wireless LAN users. ...") 

With Regards to Claims 2, 11, Wheian discloses a method, computer program product 
as recited in claims 1,10, wherein the discovery verification request includes an 
identifiable security object obtained during authentication, (see Wheian paragraph 
[0013], lines 3-7: authentication request; paragraph [0076], lines 1-3: certificate, security 
object) However, Meier discloses wherein discovery verification request includes a 
security object, (see Meier col. 3, lines 1-5; col. 3, lines 15-18: send message to access 
point including SSID (security object); verifying the access point); SSID security object 
in verification request) 

It would have been obvious to one of ordinary skill in the art to modify Wheian to 
use a security object in a discovery verification request as taught by Meier. One of 
ordinary skill in the art would have been motivated to employ the teachings of Meier in 
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order to differentiate network access for different classes of users, especially wireless 
LAN users, (see Meier col. 1, lines 19-24) 

With Regards to Claims 3, 12, Whelan discloses a method, computer program product 
as recited in claims 2,11, wherein the identifiable security object includes at least one of 
an encryption key, a certificate and a hash number, (see Whelan paragraph [0076], 
lines 1-3: certificate, security object) 

With Regards to Claims 4, 13, Whelan discloses a method, computer program product 
as recited in claims 1,10, wherein authenticating the access point includes identifying a 
certificate from a trusted certificate authority, (see Whelan paragraph [0096], lines 1-3; 
paragraph [0076], lines 3-5: certificate authority (CA) utilized for authentication) 

With Regards to Claims 5, 14, Whelan discloses a method, computer program product 
as recited in claims 4, 13, wherein the trusted certificate authority is a server of the 
communications network, (see Whelan paragraph [00076], lines 3-5: CA is a server) 

With Regards to Claims 6, 15, Whelan discloses a method, computer program product 
as recited in claims 1,10, wherein authenticating the access point is part of a mutual 
authentication that also involves the access point authenticating the station, (see 
Whelan paragraph [0009], lines 1-3; paragraph [0054], lines 1-4: mutual authentication) 
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With Regards to Claims 7, 16, Whelan discloses a method, computer program product 
as recited in claims 1,10, further including an act of sending a frame to the access point 
after receiving the acknowledgment receipt, wherein the frame includes a verifiable key 
that indicates to the access point that the frame is actually received from the station, 
(see Whelan paragraph [0094], lines 1-3: shared secret key utilized to exchange 
messages) 

With Regards to Claims 8, 17, Whelan discloses a method, computer program product 
as recited in claim 7, wherein the frame includes a management frame configured to 
control the secure association between the access point and the station, (see Whelan 
paragraph [0094], lines 1-3: secure exchange of messages between mobile units 
(access point and station)) 

With Regards to Claims 9, 18, Whelan discloses a method, computer program product 
as recited in claims 8, 16, wherein the management frame is configured to terminate the 
secure association, (see Whelan paragraph [0030], lines 1-5; paragraph [0030], lines 
17-20: excluded list (terminate association)) 

With Regards to Claims 19, 24, Whelan discloses in an access point that is capable of 
communicating with at least one station in a communications network, a method, 
computer program product for creating a secure association between the station and at 
least one access point, the method comprising: 
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a) providing discovery information to the station, the discovery information reflecting 
capabilities of the access point to facilitate communication with the station; (see 
Whelan paragraph [0049], lines 1-10: provide (discovery) information obtained 
from access points) 

b) providing a certificate with the discovery information that is used by the station to 
authenticate the access point; (see Whelan paragraph [0096], lines 1-3: 
certificate utilized in authentication) 

Whelan discloses the discovery of an access point, (see Whelan paragraph [0013], 
lines 3-7: request for verification; paragraph [0009], lines 1-3; paragraph [0054], lines 
1-4: authenticate access point; paragraph [0013], lines 7-10: response to request) 
Whelan does not specifically disclose a method to verify the information concerning 
an access point. 
However, Meier discloses: 

c) receiving a discovery verification request from the station for the discovery 
information to be verified; (see Meier col. 3, lines 1-5; col. 3, lines 15-18: send 
message to access point including SSID (security object); verifying the access 
point); verification procedure for access point) 

d) verifying the discovery verification request to the station, (see Meier col. 6, lines 
30-39: allow connection if the access point does have a matching SSID; 
connection is allowed (acknowledgement)) 

It would have been obvious to one of ordinary skill in the art to modify Whelan 
to use a discovery verification request as taught by Meier. One of ordinary skill in 
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the art would have been motivated to employ the teachings of Meier in order to 
differentiate network access for different classes of users, especially wireless LAN 
users, (see Meier col, 1 , lines 19-24) 

With Regards to Claims 20, 25, Whelan discloses a method, computer program 
product as recited in claims 19, 24, wherein the discovery verification request includes 
an identifiable security object obtained during authentication of the access point by the 
station, (see Whelan paragraph [0076], lines 3-5; paragraph [0096], lines 1-3: certificate, 
security object) 

With Regards to Claims 21, 26, Whelan discloses a method, computer program 
product as recited in claims 20, 25, wherein the identifiable security object includes at 
least one of an encryption key, a certificate and a hash number, (see Whelan paragraph 
[0076], lines 3-5; paragraph [0096], lines 1-3: security object, certificate) 

With Regards to Claims 22, 27, Whelan discloses a method, computer program 
product as recited in claims 19, 24, wherein the certificate is signed by a server of the 
communications network, (see Whelan paragraph [0096], lines 1-3: CA, server system, 
certificate signed by CA) 

With Regards to Claims 23, 28, Whelan discloses a method, computer program 
product as recited in claims 19, 24, further including an act of authenticating the station 
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as an authorized network device, (see Whelan paragraph [0009], lines 1-3; paragraph 
[0054], lines 1-4: authentication, mobile unit) 

With Regards to Claim 41, Whelan discloses in a station that is capable of 
communicating with at least one access point in a communications network, a method 
for creating a secure association between the station and at least one access point, the 
method comprising: 

a) obtaining discovery information from one or more access points in the 
communications network, the discovery information reflecting capabilities of the 
one or more respective access points to facilitate communication with the station; 
(see Whelan paragraph [0049], lines 1-10: detect (discover) information obtained 
from access points) 

b) selecting one of the access points to become associated with and identifying 
discovery information associated therewith; (see Whelan paragraph [0049], lines 
10-12: placed on associated list) 

c) authenticating the selected access point; (see Whelan paragraph [0054], lines 1- 
4; paragraph [0026], lines 1-4: authenticate access point (mobile device)) 

Whelan discloses the discovery of an access point, (see Whelan paragraph [0013], 
lines 3-7: request for verification; paragraph [0009], lines 1-3; paragraph [0054], lines 
1-4: authenticate access point; paragraph [0013], lines 7-10: receive response) 
Whelan does not specifically disclose a method to verify the information concerning 
an access point. 
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However, Meier discloses: 

validating the selected access point discovery information by: 

d) sending a discovery verification request to the selected access point, wherein the 
discovery verification request includes at least a part of the discovery information, 
a identifiable security object, or both, (see Meier col. 3, lines 1-5; col. 3, lines 15- 
18: send message to access point including SSID (security object); verifying the 
access point); verification procedure for access point) 

e) receiving an acknowledgement receipt from the selected access point verifying 
the discovery information, wherein if verified the acknowledgement receipt 
includes the security object or a derivative thereof, (see Meier col. 6, lines 30-39: 
allow connection if the access point does have a matching SSID; connection is 
allowed (acknowledgement)) 

It would have been obvious to one of ordinary skill in the art to modify Whelan 
to use a discovery verification request as taught by Meier. One of ordinary skill in 
the art would have been motivated to employ the teachings of Meier in order to 
differentiate network access for different classes of users, especially wireless LAN 
users, (see Meier col. 1, lines 19-24) 

With Regards to Ciaim 42, Whelan discloses a method as recited in claim 41 , wherein 
the identifiable security object includes at least one of an encryption key, a certificate 
and a hash number, (see Whelan paragraph [0076], lines 1-3: certificate, security 
object) 
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With Regards to Claim 43, Wheian discloses a method as recited in claim 41 , wherein 
authenticating the access point includes identifying a certificate from a trusted certificate 
authority, (see Wheian paragraph [0013], lines 3-7: authentication request; paragraph 
[0076], lines 1-3: certificate) And, Meier discloses wherein during the authentication 
process the identifiable security object is received by the station, (see Meier col. 3, 
lines 1-5; col. 3, lines 15-18: send message between access point and station including 
SSID (security object); verifying the access point); SSID security object in verification 
request) 

It would have been obvious to one of ordinary skill in the art to modify Wheian to 
use a security object in discovery verification as taught by Meier. One of ordinary skill 
in the art would have been motivated to employ the teachings of Meier in order to 
differentiate network access for different classes of users, especially wireless LAN 
users, (see Meier col. 1, lines 19-24) 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carlton V. Johnson whose telephone number is 571- 
270-1032. The examiner can normally be reached on Monday thru Friday , 8:00 - 
5:00PM EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on 571-272-4195. The fax phone 
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number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Carlton V. Johnson 

Examiner 

Art Unit 2136 

CVJ 

April 28, 2008 

/Brandon S Hoffman/ 

Primary Examiner, Art Unit 2136 



